Risk Priority by Vulnerability
Vulnerabilities that are detected on your assets can be prioritized by their network location or a connection to another device that is vulnerable.
JSA Risk Manager uses asset information and vulnerability information in policy monitor. This information is used to determine whether your assets are susceptible to input type attacks, such as; SQL injection, hidden fields, and clickjacking.
Vulnerability asset questions can include the following criteria:
Assets with new vulnerabilities reported after a specific date.
Assets with specific vulnerabilities or CVSS score.
Assets with a specific classification of vulnerability, such as input manipulation or denial of service.
Finding Assets with Specific Vulnerabilities
JSA Risk Manager evaluates a question and displays the results of assets that contain your vulnerability.
Security professionals, administrators, or auditors can identify assets in your network that contain known SQL injection vulnerabilities. They can promptly patch any assets that are connected to a protected network. As more events are generated, you can create events or offenses in JSA to monitor assets that contain SQL injection vulnerabilities.
- Click the Risks tab.
- On the navigation menu, click Policy Monitor.
- From the Group list, select Vulnerability.
- Select the test question Assess assets with SQL injection vulnerabilities on specific localnet(s) (i.e. protected server network).
- Click Submit Question.